6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
16 #include <linux/workqueue.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <asm/uaccess.h>
24 EXPORT_SYMBOL(xfrm_nl
);
26 u32 sysctl_xfrm_aevent_etime
= XFRM_AE_ETIME
;
27 EXPORT_SYMBOL(sysctl_xfrm_aevent_etime
);
29 u32 sysctl_xfrm_aevent_rseqth
= XFRM_AE_SEQT_SIZE
;
30 EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth
);
32 /* Each xfrm_state may be linked to two tables:
34 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
35 2. Hash table by daddr to find what SAs exist for given
36 destination/tunnel endpoint. (output)
39 static DEFINE_SPINLOCK(xfrm_state_lock
);
41 /* Hash table to find appropriate SA towards given target (endpoint
42 * of tunnel or destination of transport mode) allowed by selector.
44 * Main use is finding SA after policy selected tunnel or transport mode.
45 * Also, it can be used by ah/esp icmp error handler to find offending SA.
47 static struct list_head xfrm_state_bydst
[XFRM_DST_HSIZE
];
48 static struct list_head xfrm_state_bysrc
[XFRM_DST_HSIZE
];
49 static struct list_head xfrm_state_byspi
[XFRM_DST_HSIZE
];
51 DECLARE_WAIT_QUEUE_HEAD(km_waitq
);
52 EXPORT_SYMBOL(km_waitq
);
54 static DEFINE_RWLOCK(xfrm_state_afinfo_lock
);
55 static struct xfrm_state_afinfo
*xfrm_state_afinfo
[NPROTO
];
57 static struct work_struct xfrm_state_gc_work
;
58 static struct list_head xfrm_state_gc_list
= LIST_HEAD_INIT(xfrm_state_gc_list
);
59 static DEFINE_SPINLOCK(xfrm_state_gc_lock
);
61 static int xfrm_state_gc_flush_bundles
;
63 int __xfrm_state_delete(struct xfrm_state
*x
);
65 static struct xfrm_state_afinfo
*xfrm_state_get_afinfo(unsigned short family
);
66 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo
*afinfo
);
68 int km_query(struct xfrm_state
*x
, struct xfrm_tmpl
*t
, struct xfrm_policy
*pol
);
69 void km_state_expired(struct xfrm_state
*x
, int hard
, u32 pid
);
71 static void xfrm_state_gc_destroy(struct xfrm_state
*x
)
73 if (del_timer(&x
->timer
))
75 if (del_timer(&x
->rtimer
))
83 xfrm_put_mode(x
->mode
);
85 x
->type
->destructor(x
);
86 xfrm_put_type(x
->type
);
88 security_xfrm_state_free(x
);
92 static void xfrm_state_gc_task(void *data
)
95 struct list_head
*entry
, *tmp
;
96 struct list_head gc_list
= LIST_HEAD_INIT(gc_list
);
98 if (xfrm_state_gc_flush_bundles
) {
99 xfrm_state_gc_flush_bundles
= 0;
100 xfrm_flush_bundles();
103 spin_lock_bh(&xfrm_state_gc_lock
);
104 list_splice_init(&xfrm_state_gc_list
, &gc_list
);
105 spin_unlock_bh(&xfrm_state_gc_lock
);
107 list_for_each_safe(entry
, tmp
, &gc_list
) {
108 x
= list_entry(entry
, struct xfrm_state
, bydst
);
109 xfrm_state_gc_destroy(x
);
114 static inline unsigned long make_jiffies(long secs
)
116 if (secs
>= (MAX_SCHEDULE_TIMEOUT
-1)/HZ
)
117 return MAX_SCHEDULE_TIMEOUT
-1;
122 static void xfrm_timer_handler(unsigned long data
)
124 struct xfrm_state
*x
= (struct xfrm_state
*)data
;
125 unsigned long now
= (unsigned long)xtime
.tv_sec
;
126 long next
= LONG_MAX
;
130 if (x
->km
.state
== XFRM_STATE_DEAD
)
132 if (x
->km
.state
== XFRM_STATE_EXPIRED
)
134 if (x
->lft
.hard_add_expires_seconds
) {
135 long tmo
= x
->lft
.hard_add_expires_seconds
+
136 x
->curlft
.add_time
- now
;
142 if (x
->lft
.hard_use_expires_seconds
) {
143 long tmo
= x
->lft
.hard_use_expires_seconds
+
144 (x
->curlft
.use_time
? : now
) - now
;
152 if (x
->lft
.soft_add_expires_seconds
) {
153 long tmo
= x
->lft
.soft_add_expires_seconds
+
154 x
->curlft
.add_time
- now
;
160 if (x
->lft
.soft_use_expires_seconds
) {
161 long tmo
= x
->lft
.soft_use_expires_seconds
+
162 (x
->curlft
.use_time
? : now
) - now
;
171 km_state_expired(x
, 0, 0);
173 if (next
!= LONG_MAX
&&
174 !mod_timer(&x
->timer
, jiffies
+ make_jiffies(next
)))
179 if (x
->km
.state
== XFRM_STATE_ACQ
&& x
->id
.spi
== 0) {
180 x
->km
.state
= XFRM_STATE_EXPIRED
;
185 if (!__xfrm_state_delete(x
) && x
->id
.spi
)
186 km_state_expired(x
, 1, 0);
189 spin_unlock(&x
->lock
);
193 static void xfrm_replay_timer_handler(unsigned long data
);
195 struct xfrm_state
*xfrm_state_alloc(void)
197 struct xfrm_state
*x
;
199 x
= kzalloc(sizeof(struct xfrm_state
), GFP_ATOMIC
);
202 atomic_set(&x
->refcnt
, 1);
203 atomic_set(&x
->tunnel_users
, 0);
204 INIT_LIST_HEAD(&x
->bydst
);
205 INIT_LIST_HEAD(&x
->bysrc
);
206 INIT_LIST_HEAD(&x
->byspi
);
207 init_timer(&x
->timer
);
208 x
->timer
.function
= xfrm_timer_handler
;
209 x
->timer
.data
= (unsigned long)x
;
210 init_timer(&x
->rtimer
);
211 x
->rtimer
.function
= xfrm_replay_timer_handler
;
212 x
->rtimer
.data
= (unsigned long)x
;
213 x
->curlft
.add_time
= (unsigned long)xtime
.tv_sec
;
214 x
->lft
.soft_byte_limit
= XFRM_INF
;
215 x
->lft
.soft_packet_limit
= XFRM_INF
;
216 x
->lft
.hard_byte_limit
= XFRM_INF
;
217 x
->lft
.hard_packet_limit
= XFRM_INF
;
218 x
->replay_maxage
= 0;
219 x
->replay_maxdiff
= 0;
220 spin_lock_init(&x
->lock
);
224 EXPORT_SYMBOL(xfrm_state_alloc
);
226 void __xfrm_state_destroy(struct xfrm_state
*x
)
228 BUG_TRAP(x
->km
.state
== XFRM_STATE_DEAD
);
230 spin_lock_bh(&xfrm_state_gc_lock
);
231 list_add(&x
->bydst
, &xfrm_state_gc_list
);
232 spin_unlock_bh(&xfrm_state_gc_lock
);
233 schedule_work(&xfrm_state_gc_work
);
235 EXPORT_SYMBOL(__xfrm_state_destroy
);
237 int __xfrm_state_delete(struct xfrm_state
*x
)
241 if (x
->km
.state
!= XFRM_STATE_DEAD
) {
242 x
->km
.state
= XFRM_STATE_DEAD
;
243 spin_lock(&xfrm_state_lock
);
252 spin_unlock(&xfrm_state_lock
);
253 if (del_timer(&x
->timer
))
255 if (del_timer(&x
->rtimer
))
258 /* The number two in this test is the reference
259 * mentioned in the comment below plus the reference
260 * our caller holds. A larger value means that
261 * there are DSTs attached to this xfrm_state.
263 if (atomic_read(&x
->refcnt
) > 2) {
264 xfrm_state_gc_flush_bundles
= 1;
265 schedule_work(&xfrm_state_gc_work
);
268 /* All xfrm_state objects are created by xfrm_state_alloc.
269 * The xfrm_state_alloc call gives a reference, and that
270 * is what we are dropping here.
278 EXPORT_SYMBOL(__xfrm_state_delete
);
280 int xfrm_state_delete(struct xfrm_state
*x
)
284 spin_lock_bh(&x
->lock
);
285 err
= __xfrm_state_delete(x
);
286 spin_unlock_bh(&x
->lock
);
290 EXPORT_SYMBOL(xfrm_state_delete
);
292 void xfrm_state_flush(u8 proto
)
295 struct xfrm_state
*x
;
297 spin_lock_bh(&xfrm_state_lock
);
298 for (i
= 0; i
< XFRM_DST_HSIZE
; i
++) {
300 list_for_each_entry(x
, xfrm_state_bydst
+i
, bydst
) {
301 if (!xfrm_state_kern(x
) &&
302 xfrm_id_proto_match(x
->id
.proto
, proto
)) {
304 spin_unlock_bh(&xfrm_state_lock
);
306 xfrm_state_delete(x
);
309 spin_lock_bh(&xfrm_state_lock
);
314 spin_unlock_bh(&xfrm_state_lock
);
317 EXPORT_SYMBOL(xfrm_state_flush
);
320 xfrm_init_tempsel(struct xfrm_state
*x
, struct flowi
*fl
,
321 struct xfrm_tmpl
*tmpl
,
322 xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
323 unsigned short family
)
325 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
328 afinfo
->init_tempsel(x
, fl
, tmpl
, daddr
, saddr
);
329 xfrm_state_put_afinfo(afinfo
);
334 xfrm_state_find(xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
335 struct flowi
*fl
, struct xfrm_tmpl
*tmpl
,
336 struct xfrm_policy
*pol
, int *err
,
337 unsigned short family
)
339 unsigned h
= xfrm_dst_hash(daddr
, family
);
340 struct xfrm_state
*x
, *x0
;
341 int acquire_in_progress
= 0;
343 struct xfrm_state
*best
= NULL
;
344 struct xfrm_state_afinfo
*afinfo
;
346 afinfo
= xfrm_state_get_afinfo(family
);
347 if (afinfo
== NULL
) {
348 *err
= -EAFNOSUPPORT
;
352 spin_lock_bh(&xfrm_state_lock
);
353 list_for_each_entry(x
, xfrm_state_bydst
+h
, bydst
) {
354 if (x
->props
.family
== family
&&
355 x
->props
.reqid
== tmpl
->reqid
&&
356 !(x
->props
.flags
& XFRM_STATE_WILDRECV
) &&
357 xfrm_state_addr_check(x
, daddr
, saddr
, family
) &&
358 tmpl
->mode
== x
->props
.mode
&&
359 tmpl
->id
.proto
== x
->id
.proto
&&
360 (tmpl
->id
.spi
== x
->id
.spi
|| !tmpl
->id
.spi
)) {
362 1. There is a valid state with matching selector.
364 2. Valid state with inappropriate selector. Skip.
366 Entering area of "sysdeps".
368 3. If state is not valid, selector is temporary,
369 it selects only session which triggered
370 previous resolution. Key manager will do
371 something to install a state with proper
374 if (x
->km
.state
== XFRM_STATE_VALID
) {
375 if (!xfrm_selector_match(&x
->sel
, fl
, family
) ||
376 !security_xfrm_state_pol_flow_match(x
, pol
, fl
))
379 best
->km
.dying
> x
->km
.dying
||
380 (best
->km
.dying
== x
->km
.dying
&&
381 best
->curlft
.add_time
< x
->curlft
.add_time
))
383 } else if (x
->km
.state
== XFRM_STATE_ACQ
) {
384 acquire_in_progress
= 1;
385 } else if (x
->km
.state
== XFRM_STATE_ERROR
||
386 x
->km
.state
== XFRM_STATE_EXPIRED
) {
387 if (xfrm_selector_match(&x
->sel
, fl
, family
) &&
388 security_xfrm_state_pol_flow_match(x
, pol
, fl
))
395 if (!x
&& !error
&& !acquire_in_progress
) {
397 (x0
= afinfo
->state_lookup(daddr
, tmpl
->id
.spi
,
398 tmpl
->id
.proto
)) != NULL
) {
403 x
= xfrm_state_alloc();
408 /* Initialize temporary selector matching only
409 * to current session. */
410 xfrm_init_tempsel(x
, fl
, tmpl
, daddr
, saddr
, family
);
412 error
= security_xfrm_state_alloc_acquire(x
, pol
->security
, fl
->secid
);
414 x
->km
.state
= XFRM_STATE_DEAD
;
420 if (km_query(x
, tmpl
, pol
) == 0) {
421 x
->km
.state
= XFRM_STATE_ACQ
;
422 list_add_tail(&x
->bydst
, xfrm_state_bydst
+h
);
424 list_add_tail(&x
->bysrc
, xfrm_state_bysrc
+h
);
427 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
, family
);
428 list_add(&x
->byspi
, xfrm_state_byspi
+h
);
431 x
->lft
.hard_add_expires_seconds
= XFRM_ACQ_EXPIRES
;
433 x
->timer
.expires
= jiffies
+ XFRM_ACQ_EXPIRES
*HZ
;
434 add_timer(&x
->timer
);
436 x
->km
.state
= XFRM_STATE_DEAD
;
446 *err
= acquire_in_progress
? -EAGAIN
: error
;
447 spin_unlock_bh(&xfrm_state_lock
);
448 xfrm_state_put_afinfo(afinfo
);
452 static void __xfrm_state_insert(struct xfrm_state
*x
)
454 unsigned h
= xfrm_dst_hash(&x
->id
.daddr
, x
->props
.family
);
456 list_add(&x
->bydst
, xfrm_state_bydst
+h
);
459 h
= xfrm_src_hash(&x
->props
.saddr
, x
->props
.family
);
461 list_add(&x
->bysrc
, xfrm_state_bysrc
+h
);
464 if (xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
)) {
465 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
,
468 list_add(&x
->byspi
, xfrm_state_byspi
+h
);
472 if (!mod_timer(&x
->timer
, jiffies
+ HZ
))
475 if (x
->replay_maxage
&&
476 !mod_timer(&x
->rtimer
, jiffies
+ x
->replay_maxage
))
482 void xfrm_state_insert(struct xfrm_state
*x
)
484 spin_lock_bh(&xfrm_state_lock
);
485 __xfrm_state_insert(x
);
486 spin_unlock_bh(&xfrm_state_lock
);
488 xfrm_flush_all_bundles();
490 EXPORT_SYMBOL(xfrm_state_insert
);
492 static inline struct xfrm_state
*
493 __xfrm_state_locate(struct xfrm_state_afinfo
*afinfo
, struct xfrm_state
*x
,
497 return afinfo
->state_lookup(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
);
499 return afinfo
->state_lookup_byaddr(&x
->id
.daddr
, &x
->props
.saddr
, x
->id
.proto
);
502 static struct xfrm_state
*__xfrm_find_acq_byseq(u32 seq
);
504 int xfrm_state_add(struct xfrm_state
*x
)
506 struct xfrm_state_afinfo
*afinfo
;
507 struct xfrm_state
*x1
;
510 int use_spi
= xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
);
512 family
= x
->props
.family
;
513 afinfo
= xfrm_state_get_afinfo(family
);
514 if (unlikely(afinfo
== NULL
))
515 return -EAFNOSUPPORT
;
517 spin_lock_bh(&xfrm_state_lock
);
519 x1
= __xfrm_state_locate(afinfo
, x
, use_spi
);
527 if (use_spi
&& x
->km
.seq
) {
528 x1
= __xfrm_find_acq_byseq(x
->km
.seq
);
529 if (x1
&& xfrm_addr_cmp(&x1
->id
.daddr
, &x
->id
.daddr
, family
)) {
536 x1
= afinfo
->find_acq(
537 x
->props
.mode
, x
->props
.reqid
, x
->id
.proto
,
538 &x
->id
.daddr
, &x
->props
.saddr
, 0);
540 __xfrm_state_insert(x
);
544 spin_unlock_bh(&xfrm_state_lock
);
545 xfrm_state_put_afinfo(afinfo
);
548 xfrm_flush_all_bundles();
551 xfrm_state_delete(x1
);
557 EXPORT_SYMBOL(xfrm_state_add
);
559 int xfrm_state_update(struct xfrm_state
*x
)
561 struct xfrm_state_afinfo
*afinfo
;
562 struct xfrm_state
*x1
;
564 int use_spi
= xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
);
566 afinfo
= xfrm_state_get_afinfo(x
->props
.family
);
567 if (unlikely(afinfo
== NULL
))
568 return -EAFNOSUPPORT
;
570 spin_lock_bh(&xfrm_state_lock
);
571 x1
= __xfrm_state_locate(afinfo
, x
, use_spi
);
577 if (xfrm_state_kern(x1
)) {
583 if (x1
->km
.state
== XFRM_STATE_ACQ
) {
584 __xfrm_state_insert(x
);
590 spin_unlock_bh(&xfrm_state_lock
);
591 xfrm_state_put_afinfo(afinfo
);
597 xfrm_state_delete(x1
);
603 spin_lock_bh(&x1
->lock
);
604 if (likely(x1
->km
.state
== XFRM_STATE_VALID
)) {
605 if (x
->encap
&& x1
->encap
)
606 memcpy(x1
->encap
, x
->encap
, sizeof(*x1
->encap
));
607 if (x
->coaddr
&& x1
->coaddr
) {
608 memcpy(x1
->coaddr
, x
->coaddr
, sizeof(*x1
->coaddr
));
610 if (!use_spi
&& memcmp(&x1
->sel
, &x
->sel
, sizeof(x1
->sel
)))
611 memcpy(&x1
->sel
, &x
->sel
, sizeof(x1
->sel
));
612 memcpy(&x1
->lft
, &x
->lft
, sizeof(x1
->lft
));
615 if (!mod_timer(&x1
->timer
, jiffies
+ HZ
))
617 if (x1
->curlft
.use_time
)
618 xfrm_state_check_expire(x1
);
622 spin_unlock_bh(&x1
->lock
);
628 EXPORT_SYMBOL(xfrm_state_update
);
630 int xfrm_state_check_expire(struct xfrm_state
*x
)
632 if (!x
->curlft
.use_time
)
633 x
->curlft
.use_time
= (unsigned long)xtime
.tv_sec
;
635 if (x
->km
.state
!= XFRM_STATE_VALID
)
638 if (x
->curlft
.bytes
>= x
->lft
.hard_byte_limit
||
639 x
->curlft
.packets
>= x
->lft
.hard_packet_limit
) {
640 x
->km
.state
= XFRM_STATE_EXPIRED
;
641 if (!mod_timer(&x
->timer
, jiffies
))
647 (x
->curlft
.bytes
>= x
->lft
.soft_byte_limit
||
648 x
->curlft
.packets
>= x
->lft
.soft_packet_limit
)) {
650 km_state_expired(x
, 0, 0);
654 EXPORT_SYMBOL(xfrm_state_check_expire
);
656 static int xfrm_state_check_space(struct xfrm_state
*x
, struct sk_buff
*skb
)
658 int nhead
= x
->props
.header_len
+ LL_RESERVED_SPACE(skb
->dst
->dev
)
662 return pskb_expand_head(skb
, nhead
, 0, GFP_ATOMIC
);
664 /* Check tail too... */
/* Combined pre-output check: lifetime expiry first, then headroom.
 * Returns 0 if the packet may be transformed with this state. */
int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb)
{
	int err = xfrm_state_check_expire(x);
	if (err < 0)
		goto err;
	err = xfrm_state_check_space(x, skb);
err:
	return err;
}
EXPORT_SYMBOL(xfrm_state_check);
680 xfrm_state_lookup(xfrm_address_t
*daddr
, u32 spi
, u8 proto
,
681 unsigned short family
)
683 struct xfrm_state
*x
;
684 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
688 spin_lock_bh(&xfrm_state_lock
);
689 x
= afinfo
->state_lookup(daddr
, spi
, proto
);
690 spin_unlock_bh(&xfrm_state_lock
);
691 xfrm_state_put_afinfo(afinfo
);
694 EXPORT_SYMBOL(xfrm_state_lookup
);
697 xfrm_state_lookup_byaddr(xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
698 u8 proto
, unsigned short family
)
700 struct xfrm_state
*x
;
701 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
705 spin_lock_bh(&xfrm_state_lock
);
706 x
= afinfo
->state_lookup_byaddr(daddr
, saddr
, proto
);
707 spin_unlock_bh(&xfrm_state_lock
);
708 xfrm_state_put_afinfo(afinfo
);
711 EXPORT_SYMBOL(xfrm_state_lookup_byaddr
);
714 xfrm_find_acq(u8 mode
, u32 reqid
, u8 proto
,
715 xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
716 int create
, unsigned short family
)
718 struct xfrm_state
*x
;
719 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
723 spin_lock_bh(&xfrm_state_lock
);
724 x
= afinfo
->find_acq(mode
, reqid
, proto
, daddr
, saddr
, create
);
725 spin_unlock_bh(&xfrm_state_lock
);
726 xfrm_state_put_afinfo(afinfo
);
729 EXPORT_SYMBOL(xfrm_find_acq
);
731 /* Silly enough, but I'm lazy to build resolution list */
733 static struct xfrm_state
*__xfrm_find_acq_byseq(u32 seq
)
736 struct xfrm_state
*x
;
738 for (i
= 0; i
< XFRM_DST_HSIZE
; i
++) {
739 list_for_each_entry(x
, xfrm_state_bydst
+i
, bydst
) {
740 if (x
->km
.seq
== seq
&& x
->km
.state
== XFRM_STATE_ACQ
) {
749 struct xfrm_state
*xfrm_find_acq_byseq(u32 seq
)
751 struct xfrm_state
*x
;
753 spin_lock_bh(&xfrm_state_lock
);
754 x
= __xfrm_find_acq_byseq(seq
);
755 spin_unlock_bh(&xfrm_state_lock
);
758 EXPORT_SYMBOL(xfrm_find_acq_byseq
);
760 u32
xfrm_get_acqseq(void)
764 static DEFINE_SPINLOCK(acqseq_lock
);
766 spin_lock_bh(&acqseq_lock
);
767 res
= (++acqseq
? : ++acqseq
);
768 spin_unlock_bh(&acqseq_lock
);
771 EXPORT_SYMBOL(xfrm_get_acqseq
);
774 xfrm_alloc_spi(struct xfrm_state
*x
, u32 minspi
, u32 maxspi
)
777 struct xfrm_state
*x0
;
782 if (minspi
== maxspi
) {
783 x0
= xfrm_state_lookup(&x
->id
.daddr
, minspi
, x
->id
.proto
, x
->props
.family
);
791 minspi
= ntohl(minspi
);
792 maxspi
= ntohl(maxspi
);
793 for (h
=0; h
<maxspi
-minspi
+1; h
++) {
794 spi
= minspi
+ net_random()%(maxspi
-minspi
+1);
795 x0
= xfrm_state_lookup(&x
->id
.daddr
, htonl(spi
), x
->id
.proto
, x
->props
.family
);
797 x
->id
.spi
= htonl(spi
);
804 spin_lock_bh(&xfrm_state_lock
);
805 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
, x
->props
.family
);
806 list_add(&x
->byspi
, xfrm_state_byspi
+h
);
808 spin_unlock_bh(&xfrm_state_lock
);
812 EXPORT_SYMBOL(xfrm_alloc_spi
);
814 int xfrm_state_walk(u8 proto
, int (*func
)(struct xfrm_state
*, int, void*),
818 struct xfrm_state
*x
;
822 spin_lock_bh(&xfrm_state_lock
);
823 for (i
= 0; i
< XFRM_DST_HSIZE
; i
++) {
824 list_for_each_entry(x
, xfrm_state_bydst
+i
, bydst
) {
825 if (xfrm_id_proto_match(x
->id
.proto
, proto
))
834 for (i
= 0; i
< XFRM_DST_HSIZE
; i
++) {
835 list_for_each_entry(x
, xfrm_state_bydst
+i
, bydst
) {
836 if (!xfrm_id_proto_match(x
->id
.proto
, proto
))
838 err
= func(x
, --count
, data
);
844 spin_unlock_bh(&xfrm_state_lock
);
847 EXPORT_SYMBOL(xfrm_state_walk
);
850 void xfrm_replay_notify(struct xfrm_state
*x
, int event
)
853 /* we send notify messages in case
854 * 1. we updated on of the sequence numbers, and the seqno difference
855 * is at least x->replay_maxdiff, in this case we also update the
856 * timeout of our timer function
857 * 2. if x->replay_maxage has elapsed since last update,
858 * and there were changes
860 * The state structure must be locked!
864 case XFRM_REPLAY_UPDATE
:
865 if (x
->replay_maxdiff
&&
866 (x
->replay
.seq
- x
->preplay
.seq
< x
->replay_maxdiff
) &&
867 (x
->replay
.oseq
- x
->preplay
.oseq
< x
->replay_maxdiff
)) {
868 if (x
->xflags
& XFRM_TIME_DEFER
)
869 event
= XFRM_REPLAY_TIMEOUT
;
876 case XFRM_REPLAY_TIMEOUT
:
877 if ((x
->replay
.seq
== x
->preplay
.seq
) &&
878 (x
->replay
.bitmap
== x
->preplay
.bitmap
) &&
879 (x
->replay
.oseq
== x
->preplay
.oseq
)) {
880 x
->xflags
|= XFRM_TIME_DEFER
;
887 memcpy(&x
->preplay
, &x
->replay
, sizeof(struct xfrm_replay_state
));
888 c
.event
= XFRM_MSG_NEWAE
;
889 c
.data
.aevent
= event
;
890 km_state_notify(x
, &c
);
892 if (x
->replay_maxage
&&
893 !mod_timer(&x
->rtimer
, jiffies
+ x
->replay_maxage
)) {
895 x
->xflags
&= ~XFRM_TIME_DEFER
;
898 EXPORT_SYMBOL(xfrm_replay_notify
);
900 static void xfrm_replay_timer_handler(unsigned long data
)
902 struct xfrm_state
*x
= (struct xfrm_state
*)data
;
906 if (x
->km
.state
== XFRM_STATE_VALID
) {
907 if (xfrm_aevent_is_on())
908 xfrm_replay_notify(x
, XFRM_REPLAY_TIMEOUT
);
910 x
->xflags
|= XFRM_TIME_DEFER
;
913 spin_unlock(&x
->lock
);
917 int xfrm_replay_check(struct xfrm_state
*x
, u32 seq
)
923 if (unlikely(seq
== 0))
926 if (likely(seq
> x
->replay
.seq
))
929 diff
= x
->replay
.seq
- seq
;
930 if (diff
>= x
->props
.replay_window
) {
931 x
->stats
.replay_window
++;
935 if (x
->replay
.bitmap
& (1U << diff
)) {
941 EXPORT_SYMBOL(xfrm_replay_check
);
943 void xfrm_replay_advance(struct xfrm_state
*x
, u32 seq
)
949 if (seq
> x
->replay
.seq
) {
950 diff
= seq
- x
->replay
.seq
;
951 if (diff
< x
->props
.replay_window
)
952 x
->replay
.bitmap
= ((x
->replay
.bitmap
) << diff
) | 1;
954 x
->replay
.bitmap
= 1;
957 diff
= x
->replay
.seq
- seq
;
958 x
->replay
.bitmap
|= (1U << diff
);
961 if (xfrm_aevent_is_on())
962 xfrm_replay_notify(x
, XFRM_REPLAY_UPDATE
);
964 EXPORT_SYMBOL(xfrm_replay_advance
);
966 static struct list_head xfrm_km_list
= LIST_HEAD_INIT(xfrm_km_list
);
967 static DEFINE_RWLOCK(xfrm_km_lock
);
969 void km_policy_notify(struct xfrm_policy
*xp
, int dir
, struct km_event
*c
)
973 read_lock(&xfrm_km_lock
);
974 list_for_each_entry(km
, &xfrm_km_list
, list
)
975 if (km
->notify_policy
)
976 km
->notify_policy(xp
, dir
, c
);
977 read_unlock(&xfrm_km_lock
);
980 void km_state_notify(struct xfrm_state
*x
, struct km_event
*c
)
983 read_lock(&xfrm_km_lock
);
984 list_for_each_entry(km
, &xfrm_km_list
, list
)
987 read_unlock(&xfrm_km_lock
);
990 EXPORT_SYMBOL(km_policy_notify
);
991 EXPORT_SYMBOL(km_state_notify
);
993 void km_state_expired(struct xfrm_state
*x
, int hard
, u32 pid
)
999 c
.event
= XFRM_MSG_EXPIRE
;
1000 km_state_notify(x
, &c
);
1006 EXPORT_SYMBOL(km_state_expired
);
1008 * We send to all registered managers regardless of failure
1009 * We are happy with one success
1011 int km_query(struct xfrm_state
*x
, struct xfrm_tmpl
*t
, struct xfrm_policy
*pol
)
1013 int err
= -EINVAL
, acqret
;
1014 struct xfrm_mgr
*km
;
1016 read_lock(&xfrm_km_lock
);
1017 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1018 acqret
= km
->acquire(x
, t
, pol
, XFRM_POLICY_OUT
);
1022 read_unlock(&xfrm_km_lock
);
1025 EXPORT_SYMBOL(km_query
);
1027 int km_new_mapping(struct xfrm_state
*x
, xfrm_address_t
*ipaddr
, u16 sport
)
1030 struct xfrm_mgr
*km
;
1032 read_lock(&xfrm_km_lock
);
1033 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1034 if (km
->new_mapping
)
1035 err
= km
->new_mapping(x
, ipaddr
, sport
);
1039 read_unlock(&xfrm_km_lock
);
1042 EXPORT_SYMBOL(km_new_mapping
);
1044 void km_policy_expired(struct xfrm_policy
*pol
, int dir
, int hard
, u32 pid
)
1050 c
.event
= XFRM_MSG_POLEXPIRE
;
1051 km_policy_notify(pol
, dir
, &c
);
1056 EXPORT_SYMBOL(km_policy_expired
);
1058 int xfrm_user_policy(struct sock
*sk
, int optname
, u8 __user
*optval
, int optlen
)
1062 struct xfrm_mgr
*km
;
1063 struct xfrm_policy
*pol
= NULL
;
1065 if (optlen
<= 0 || optlen
> PAGE_SIZE
)
1068 data
= kmalloc(optlen
, GFP_KERNEL
);
1073 if (copy_from_user(data
, optval
, optlen
))
1077 read_lock(&xfrm_km_lock
);
1078 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1079 pol
= km
->compile_policy(sk
, optname
, data
,
1084 read_unlock(&xfrm_km_lock
);
1087 xfrm_sk_policy_insert(sk
, err
, pol
);
1096 EXPORT_SYMBOL(xfrm_user_policy
);
1098 int xfrm_register_km(struct xfrm_mgr
*km
)
1100 write_lock_bh(&xfrm_km_lock
);
1101 list_add_tail(&km
->list
, &xfrm_km_list
);
1102 write_unlock_bh(&xfrm_km_lock
);
1105 EXPORT_SYMBOL(xfrm_register_km
);
1107 int xfrm_unregister_km(struct xfrm_mgr
*km
)
1109 write_lock_bh(&xfrm_km_lock
);
1110 list_del(&km
->list
);
1111 write_unlock_bh(&xfrm_km_lock
);
1114 EXPORT_SYMBOL(xfrm_unregister_km
);
1116 int xfrm_state_register_afinfo(struct xfrm_state_afinfo
*afinfo
)
1119 if (unlikely(afinfo
== NULL
))
1121 if (unlikely(afinfo
->family
>= NPROTO
))
1122 return -EAFNOSUPPORT
;
1123 write_lock_bh(&xfrm_state_afinfo_lock
);
1124 if (unlikely(xfrm_state_afinfo
[afinfo
->family
] != NULL
))
1127 afinfo
->state_bydst
= xfrm_state_bydst
;
1128 afinfo
->state_bysrc
= xfrm_state_bysrc
;
1129 afinfo
->state_byspi
= xfrm_state_byspi
;
1130 xfrm_state_afinfo
[afinfo
->family
] = afinfo
;
1132 write_unlock_bh(&xfrm_state_afinfo_lock
);
1135 EXPORT_SYMBOL(xfrm_state_register_afinfo
);
1137 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo
*afinfo
)
1140 if (unlikely(afinfo
== NULL
))
1142 if (unlikely(afinfo
->family
>= NPROTO
))
1143 return -EAFNOSUPPORT
;
1144 write_lock_bh(&xfrm_state_afinfo_lock
);
1145 if (likely(xfrm_state_afinfo
[afinfo
->family
] != NULL
)) {
1146 if (unlikely(xfrm_state_afinfo
[afinfo
->family
] != afinfo
))
1149 xfrm_state_afinfo
[afinfo
->family
] = NULL
;
1150 afinfo
->state_byspi
= NULL
;
1151 afinfo
->state_bysrc
= NULL
;
1152 afinfo
->state_bydst
= NULL
;
1155 write_unlock_bh(&xfrm_state_afinfo_lock
);
1158 EXPORT_SYMBOL(xfrm_state_unregister_afinfo
);
1160 static struct xfrm_state_afinfo
*xfrm_state_get_afinfo(unsigned short family
)
1162 struct xfrm_state_afinfo
*afinfo
;
1163 if (unlikely(family
>= NPROTO
))
1165 read_lock(&xfrm_state_afinfo_lock
);
1166 afinfo
= xfrm_state_afinfo
[family
];
1167 if (unlikely(!afinfo
))
1168 read_unlock(&xfrm_state_afinfo_lock
);
1172 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo
*afinfo
)
1174 read_unlock(&xfrm_state_afinfo_lock
);
1177 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1178 void xfrm_state_delete_tunnel(struct xfrm_state
*x
)
1181 struct xfrm_state
*t
= x
->tunnel
;
1183 if (atomic_read(&t
->tunnel_users
) == 2)
1184 xfrm_state_delete(t
);
1185 atomic_dec(&t
->tunnel_users
);
1190 EXPORT_SYMBOL(xfrm_state_delete_tunnel
);
1193 * This function is NOT optimal. For example, with ESP it will give an
1194 * MTU that's usually two bytes short of being optimal. However, it will
1195 * usually give an answer that's a multiple of 4 provided the input is
1196 * also a multiple of 4.
1198 int xfrm_state_mtu(struct xfrm_state
*x
, int mtu
)
1202 res
-= x
->props
.header_len
;
1210 spin_lock_bh(&x
->lock
);
1211 if (x
->km
.state
== XFRM_STATE_VALID
&&
1212 x
->type
&& x
->type
->get_max_size
)
1213 m
= x
->type
->get_max_size(x
, m
);
1215 m
+= x
->props
.header_len
;
1216 spin_unlock_bh(&x
->lock
);
1226 int xfrm_init_state(struct xfrm_state
*x
)
1228 struct xfrm_state_afinfo
*afinfo
;
1229 int family
= x
->props
.family
;
1232 err
= -EAFNOSUPPORT
;
1233 afinfo
= xfrm_state_get_afinfo(family
);
1238 if (afinfo
->init_flags
)
1239 err
= afinfo
->init_flags(x
);
1241 xfrm_state_put_afinfo(afinfo
);
1246 err
= -EPROTONOSUPPORT
;
1247 x
->type
= xfrm_get_type(x
->id
.proto
, family
);
1248 if (x
->type
== NULL
)
1251 err
= x
->type
->init_state(x
);
1255 x
->mode
= xfrm_get_mode(x
->props
.mode
, family
);
1256 if (x
->mode
== NULL
)
1259 x
->km
.state
= XFRM_STATE_VALID
;
1265 EXPORT_SYMBOL(xfrm_init_state
);
1267 void __init
xfrm_state_init(void)
1271 for (i
=0; i
<XFRM_DST_HSIZE
; i
++) {
1272 INIT_LIST_HEAD(&xfrm_state_bydst
[i
]);
1273 INIT_LIST_HEAD(&xfrm_state_bysrc
[i
]);
1274 INIT_LIST_HEAD(&xfrm_state_byspi
[i
]);
1276 INIT_WORK(&xfrm_state_gc_work
, xfrm_state_gc_task
, NULL
);